
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/Eb67nR4_r4j8Qlyfns20ti-cJT8.roa
File: Eb67nR4_r4j8Qlyfns20ti-cJT8.roa (raw, json)
Hash identifier: lFVr25uX8drF2iD9dDrV81ECiahOTdUT7rmBW8WFEjc=
Subject key identifier: 11:BE:BB:9D:1E:3F:AF:88:FC:42:5C:9F:9E:CD:B4:B6:2F:9C:25:3F
Certificate issuer: /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Certificate serial: 01982F77A09F4FE19FAD21E645BB1B1BD5DA
Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/Eb67nR4_r4j8Qlyfns20ti-cJT8.roa
Signing time: Tue 22 Jul 2025 00:10:25 +0000
ROA not before: Tue 22 Jul 2025 00:10:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34170
IP address blocks: 80.69.48.0/24 maxlen: 24
80.69.49.0/24 maxlen: 24
80.69.50.0/24 maxlen: 24
80.69.51.0/24 maxlen: 24
80.69.53.0/24 maxlen: 24
80.69.56.0/24 maxlen: 24
80.69.57.0/24 maxlen: 24
80.69.60.0/24 maxlen: 24
91.135.240.0/24 maxlen: 24
91.135.241.0/24 maxlen: 24
91.135.242.0/24 maxlen: 24
91.135.243.0/24 maxlen: 24
91.135.244.0/24 maxlen: 24
91.135.252.0/24 maxlen: 24
91.135.253.0/24 maxlen: 24
92.39.90.0/24 maxlen: 24
92.39.91.0/24 maxlen: 24
92.39.92.0/24 maxlen: 24
92.39.93.0/24 maxlen: 24
92.39.94.0/24 maxlen: 24
158.181.34.0/24 maxlen: 24
158.181.37.0/24 maxlen: 24
158.181.38.0/24 maxlen: 24
158.181.39.0/24 maxlen: 24
158.181.44.0/23 maxlen: 23
158.181.46.0/23 maxlen: 23
185.92.224.0/24 maxlen: 24
185.92.225.0/24 maxlen: 24
185.92.226.0/24 maxlen: 24
185.105.196.0/24 maxlen: 24
185.105.197.0/24 maxlen: 24
185.105.198.0/24 maxlen: 24
185.105.199.0/24 maxlen: 24
212.47.152.0/24 maxlen: 24
212.47.154.0/24 maxlen: 24
212.47.155.0/24 maxlen: 24
212.47.156.0/24 maxlen: 24
212.47.157.0/24 maxlen: 24
212.47.158.0/24 maxlen: 24
2a05:8200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2f:77:a0:9f:4f:e1:9f:ad:21:e6:45:bb:1b:1b:d5:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Validity
Not Before: Jul 22 00:10:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11bebb9d1e3faf88fc425c9f9ecdb4b62f9c253f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:be:76:d2:04:71:8e:5d:a2:10:42:8a:ce:9d:
5f:d5:bf:16:3e:10:e2:d7:77:ed:43:21:fb:7a:84:
42:c2:b9:30:98:83:6c:cf:87:20:36:05:35:ad:76:
b4:5c:2c:37:0e:6c:c3:5b:0b:83:f3:d3:5c:23:d8:
83:e6:63:72:8f:9e:2f:ca:1a:70:14:c1:8e:c0:e0:
3a:d2:d6:00:cb:5c:63:55:9b:9a:b5:43:b3:73:88:
5e:51:6f:f6:4e:39:9e:79:26:16:9e:8b:38:ff:b3:
da:20:f1:55:53:6c:98:d0:28:82:dd:ab:a9:70:d0:
cf:cd:9f:f5:c4:13:36:ea:24:7d:03:aa:d1:9f:ee:
4e:58:01:9a:67:5b:da:d6:a9:59:72:26:56:d0:b7:
59:0b:08:0e:07:65:5c:20:ff:6e:22:73:8d:76:b9:
23:36:93:fa:ca:1a:61:a4:57:42:91:b3:fd:56:33:
85:e1:b4:50:6b:6a:bb:fa:21:54:65:73:b5:1f:c1:
d9:d6:3f:7f:9d:f7:2c:b1:a3:88:d4:b4:7c:e7:91:
69:5c:2b:d8:78:65:3c:76:c9:a6:aa:2f:e3:08:cb:
3a:ac:5a:71:86:d9:95:fd:ab:e1:a3:f1:6b:98:cb:
05:8d:89:c9:45:2b:5f:2c:1b:69:26:97:d0:dd:5c:
db:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:BE:BB:9D:1E:3F:AF:88:FC:42:5C:9F:9E:CD:B4:B6:2F:9C:25:3F
X509v3 Authority Key Identifier:
keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/Eb67nR4_r4j8Qlyfns20ti-cJT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.69.48.0/22
80.69.53.0/24
80.69.56.0/23
80.69.60.0/24
91.135.240.0-91.135.244.255
91.135.252.0/23
92.39.90.0-92.39.94.255
158.181.34.0/24
158.181.37.0-158.181.39.255
158.181.44.0/22
185.92.224.0-185.92.226.255
185.105.196.0/22
212.47.152.0/24
212.47.154.0-212.47.158.255
IPv6:
2a05:8200::/29
Signature Algorithm: sha256WithRSAEncryption
0e:63:1d:af:c8:08:23:09:ad:a4:7e:07:f6:2b:ac:62:47:a0:
82:2a:6e:8c:09:4d:4e:f2:ad:a4:53:43:40:09:5d:76:4e:cf:
30:6a:dd:29:b0:19:ec:9b:c6:f5:33:bd:89:0f:0b:f6:71:4f:
82:34:92:9d:48:61:35:2e:c0:91:1e:ec:d3:87:fd:7b:17:9d:
84:da:70:20:81:25:b7:0c:84:4b:27:a9:69:59:7d:47:f9:2e:
44:d8:be:df:45:49:f0:b6:30:24:63:f2:3d:c8:4c:f6:47:68:
8d:4f:65:49:8d:dc:30:fd:b7:ba:1d:41:31:64:64:77:a8:0c:
13:d4:6c:ef:28:a4:9c:4a:60:14:41:2c:53:03:c0:38:8b:a7:
22:8c:89:59:29:cd:44:90:7f:41:97:5b:0a:e2:bc:d6:67:4c:
a3:59:0a:aa:b7:46:8b:50:45:e3:25:32:4c:9c:29:c4:95:01:
61:88:2d:3e:d6:44:30:ff:37:6a:25:08:4e:dd:b0:ca:a9:1b:
6a:7b:90:c6:5a:89:f5:c8:4b:3f:2a:d4:fd:a8:cc:95:75:50:
54:1e:51:d3:eb:a8:d9:ce:d8:86:e0:47:b4:32:cb:5f:89:5d:
be:3f:91:9f:61:97:d4:2c:67:f0:5b:0f:54:eb:60:b5:c8:d0:
ec:e0:b2:d6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZgvd6CfT+GfrSHmRbsbG9XaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi
MTU4OWMwHhcNMjUwNzIyMDAxMDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWJlYmI5ZDFlM2ZhZjg4ZmM0MjVjOWY5ZWNkYjRiNjJmOWMyNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7520gRxjl2iEEKKzp1f1b8WPhDi
13ftQyH7eoRCwrkwmINsz4cgNgU1rXa0XCw3DmzDWwuD89NcI9iD5mNyj54vyhpw
FMGOwOA60tYAy1xjVZuatUOzc4heUW/2TjmeeSYWnos4/7PaIPFVU2yY0CiC3aup
cNDPzZ/1xBM26iR9A6rRn+5OWAGaZ1va1qlZciZW0LdZCwgOB2VcIP9uInONdrkj
NpP6yhphpFdCkbP9VjOF4bRQa2q7+iFUZXO1H8HZ1j9/nfcssaOI1LR855FpXCvY
eGU8dsmmqi/jCMs6rFpxhtmV/avho/FrmMsFjYnJRStfLBtpJpfQ3VzbpwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFBG+u50eP6+I/EJcn57NtLYvnCU/MB8GA1UdIwQY
MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt
NWQ0OGJjZDdjMWRjLzEvRWI2N25SNF9yNGo4UWx5Zm5zMjB0aS1jSlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDItNWQ0OGJjZDdjMWRj
LzEvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfAMEAlBF
MAMEAFBFNQMEAVBFOAMEAFBFPDAMAwQEW4fwAwQAW4f0AwQBW4f8MAwDBAFcJ1oD
BABcJ14DBACetSIwDAMEAJ61JQMEA561IAMEAp61LDAMAwQFuVzgAwQAuVziAwQC
uWnEAwQA1C+YMAwDBAHUL5oDBADUL54wDQQCAAIwBwMFAyoFggAwDQYJKoZIhvcN
AQELBQADggEBAA5jHa/ICCMJraR+B/YrrGJHoIIqbowJTU7yraRTQ0AJXXZOzzBq
3SmwGeybxvUzvYkPC/ZxT4I0kp1IYTUuwJEe7NOH/XsXnYTacCCBJbcMhEsnqWlZ
fUf5LkTYvt9FSfC2MCRj8j3ITPZHaI1PZUmN3DD9t7odQTFkZHeoDBPUbO8opJxK
YBRBLFMDwDiLpyKMiVkpzUSQf0GXWwrivNZnTKNZCqq3RotQReMlMkycKcSVAWGI
LT7WRDD/N2olCE7dsMqpG2p7kMZaifXISz8q1P2ozJV1UFQeUdPrqNnO2IbgR7Qy
y1+JXb4/kZ9hl9QsZ/BbD1TrYLXI0OzgstY=
-----END CERTIFICATE-----
Generated at Sun Jul 27 23:48:32 2025 by rpki-client